Computer Networks, Inc.https://www.computernetworksinc.com
Sat, 06 Jun 2020 15:46:51 +0000en-UShourly1https://wordpress.org/?v=4.9.14Old LiveJournal Database Breach Is Now Being Leaked Onlinehttps://www.computernetworksinc.com/2020/06/06/old-livejournal-database-breach-is-now-being-leaked-online/
https://www.computernetworksinc.com/2020/06/06/old-livejournal-database-breach-is-now-being-leaked-online/#respondSat, 06 Jun 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/06/06/old-livejournal-database-breach-is-now-being-leaked-online/Do you have an account on LiveJournal? If so, you may have heard the persistent rumors that have been circulating since 2014 that the company was breached and some 33 million user ...]]>Do you have an account on LiveJournal?

If so, you may have heard the persistent rumors that have been circulating since 2014 that the company was breached and some 33 million user records were stolen.

To this day, LiveJournal denies that they were breached.

Unfortunately, this month (May, 2020), a database containing 33,717,787 records, each with a unique user record, has been found circulating free of charge on the Dark Web. The database contains usernames, email addresses and plain text passwords. Given this fact, despite what LiveJournal may claim, it seems that they were indeed breached.

If there's a silver lining to be found here, it lies not with LiveJournal's response, but with the fact that the database is more than six years old. Even if you have an account on the site, odds are excellent that you would have changed your password at some point in the intervening six years. Just to be safe, however, even if that's the case, the safest course of action would be to change it again.

It's also worth repeating that if you're in the habit of using the same password across multiple web properties, and you recycled your LiveJournal password on some other website, you'll need to reset those passwords as well. This would also be an excellent time to break yourself of that habit. Start using different passwords on every website you access and enable two-factor authentication protocols everywhere you can.

Sadly, LiveJournal's response to the existence of the database has been to double down on their denial, but the evidence that a breach occurred seems overwhelming. The account information had to come from somewhere, after all, and the record count aligns almost perfectly with the persistent rumors. Even though this is an old breach, change your LiveJournal password right away, just to be safe.

]]>https://www.computernetworksinc.com/2020/06/06/old-livejournal-database-breach-is-now-being-leaked-online/feed/0Monetary Demands Are Skyrocketing For Ransomware Decryptionshttps://www.computernetworksinc.com/2020/06/05/monetary-demands-are-skyrocketing-for-ransomware-decryptions/
https://www.computernetworksinc.com/2020/06/05/monetary-demands-are-skyrocketing-for-ransomware-decryptions/#respondFri, 05 Jun 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/06/05/monetary-demands-are-skyrocketing-for-ransomware-decryptions/Ransomware attacks have evolved quite a lot over the course of the past year, and have become one of the most visible threats organizations of all sizes face. That is, based on ...]]>Ransomware attacks have evolved quite a lot over the course of the past year, and have become one of the most visible threats organizations of all sizes face.

That is, based on recently published research conducted by Group-IB, which analyzed the rapidly changing threat landscape. Their findings should disturb every business owner.

Here's a quick overview:

First and foremost, ransomware attacks have become much more commonplace. The year 2019 saw a 40 percent increase over 2018, which is a clear indication that hackers around the world are increasingly seeing ransomware strains as their preferred vehicle for attacking organizations.

Second, the average size of the ransom demanded has been steadily increasing, moving from just $6,000 to a staggering $84,000. The focus is on large corporations and government agencies being the driving factor behind the dramatic increase.

In terms of tactics, far and away, the most common means of gaining an initial foothold onto a corporate or government network is RDP (Remote Desktop Protocol). RDP serves as the point of entry for 70 percent-80 percent of the attacks.

Aside from this, incident response teams report that exploit kits and spear phishing campaigns were also used regularly, though these were vastly overshadowed by RDP. The teams responding to Group-IB's information requests also noted that more advanced ransomware actors relied on advanced methods that gave them access to more valuable targets.

The methods the hackers used include:

Compromising MSP's (Managed Service Providers)

Exploiting un-patched vulnerabilities in applications

Compromising supply chains

The bottom line is that no one is safe, and the price of a successful breach has increased dramatically. Worse, an increasing percentage of hackers are now demanding not one, but two ransoms from each target they hit. The initial payment to unlock encrypted files and a second payment to delete their copies of stolen files, rather than publishing them for all to see.

The best way to keep your company safe from this particular threat is to minimize your reliance on RDP and to make sure you've got a robust backup plan in place. If you haven't yet taken both steps, the time to do so is now.

]]>https://www.computernetworksinc.com/2020/06/05/monetary-demands-are-skyrocketing-for-ransomware-decryptions/feed/0Major WiFi Updates Came To Windows 10 Recentlyhttps://www.computernetworksinc.com/2020/06/04/major-wifi-updates-came-to-windows-10-recently/
https://www.computernetworksinc.com/2020/06/04/major-wifi-updates-came-to-windows-10-recently/#respondThu, 04 Jun 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/06/04/major-wifi-updates-came-to-windows-10-recently/Great news for the legions of Windows 10 users around the world. Version 2004 comes with a significant WiFi update that includes Wi-Fi6 and WPA3 support, which will give users better wireless ...]]>Great news for the legions of Windows 10 users around the world. Version 2004 comes with a significant WiFi update that includes Wi-Fi6 and WPA3 support, which will give users better wireless performance and increased security.

That's great news, but of course, there's a catch. In order to make use of WiFi 6, you'll need a router with support for both WiFi6 and WPA3.

Although those do currently exist and are available for sale today, they are new, and therefore a bit on the expensive side. Even so, the new Windows 10 update gives you a compelling reason to upgrade your equipment.

If you recently purchased a new router, it may already support the latest standard. If so, that fact will be indicated either in the router's documentation or on the manufacturer's website.

You can check to see if you're currently connected to a WiFi6 network by following these steps:

Connect to your network

Select the WiFi network icon on the right side of the taskbar.

Click on "Properties," which you'll find beneath the name of your network.

When the properties screen loads, click the "Properties" tab and look at the information displayed next to "Protocol."

If you're connected to a WiFi 6 network, you'll see "Wi-Fi 6 (802.11ax) in the Protocol box.

To see if you're connected using WPA3 security, follow these steps:

Once you connect to your WiFi network, click the icon on the right side of the taskbar, then select Properties, located under your network's name.

Once the screen loads, click the "Properties" tab and look at the information displayed next to "Security Type." If it says WPA3, you're all set.

To be sure you're using the latest Windows 10 update, just click your Start button, go to Settings, then Update & Security, and then Windows Update. Once there, you'll see a button labeled "Check for Updates." Click that, and if a new update is available, it will start downloading.

This is great news, and if you're looking for a simple way to boost your performance and productivity, this is it. Kudos to Microsoft for the inclusion.

]]>https://www.computernetworksinc.com/2020/06/04/major-wifi-updates-came-to-windows-10-recently/feed/0Hackers Set Their Sights On Cloud Serviceshttps://www.computernetworksinc.com/2020/06/03/hackers-set-their-sights-on-cloud-services/
https://www.computernetworksinc.com/2020/06/03/hackers-set-their-sights-on-cloud-services/#respondWed, 03 Jun 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/06/03/hackers-set-their-sights-on-cloud-services/Thanks to the pandemic, tens of millions of people are working from home. Even before then, the Cloud was experiencing a tremendous amount of growth, but since shelter in place orders were ...]]>Thanks to the pandemic, tens of millions of people are working from home.

Even before then, the Cloud was experiencing a tremendous amount of growth, but since shelter in place orders were issued by many governments around the world, growth has absolutely skyrocketed.

This has drawn the attention of a number of hacking groups, which have taken an increased interest in gaining access to Cloud resources, stealing login credentials and then making off with a wide range of sensitive data.

According to statistics gathered by McAfee, the number of attacks aimed squarely at Cloud services have increased by a whopping 630 percent between January and April of this year.

Broadly speaking, the attacks come in two basic flavors:

First, logins from anomalous locations that haven't previously been used and is not familiar to the organization.

Second, what researchers are calling 'suspicious superhuman' logins, which are defined by multiple login attempts in a short span of time from locations scattered across the globe. For instance, you might see one login attempt made in South America with another, a few seconds later, in Asia, and so on.

Rajiv Gupta, the Senior Vice President For Cloud Security at McAfee, had this to say about the company's findings:

"The risk of threat actors targeting the cloud far outweighs the risk brought on by changes in employee behavior."

The good news is that there's a relatively simple way for organizations to reduce the risk to near-zero. Simply enable two-factor authentication and the vast majority of these types of attacks will be doomed to fail.

The bottom line is that the risks are increasing and that's not likely to change anytime soon. Stay on your guard and make sure your people are aware. Phishing scams are the most common means of gaining access to login credentials.

]]>https://www.computernetworksinc.com/2020/06/03/hackers-set-their-sights-on-cloud-services/feed/0Gmail Gets New Quick Menu Setting In Updatehttps://www.computernetworksinc.com/2020/06/02/gmail-gets-new-quick-menu-setting-in-update/
https://www.computernetworksinc.com/2020/06/02/gmail-gets-new-quick-menu-setting-in-update/#respondTue, 02 Jun 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/06/02/gmail-gets-new-quick-menu-setting-in-update/Google recently announced a change to Gmail that will make it easier for the service's 2 billion+ users to experiment with different themes, layouts and settings. Even better, users can see the ...]]>Google recently announced a change to Gmail that will make it easier for the service's 2 billion+ users to experiment with different themes, layouts and settings.

Even better, users can see the results of their changes before actually applying them.

To make use of the new feature, all you have to do is click the gear icon on your Gmail screen.

This displays the settings menu, which allows you to select and view different display options, inbox types and interfaces. The changes are shown alongside your current inbox, giving you a simple way to compare and contrast. Just find one you like and once you're happy, apply the change.

The company started rolling out the new "Quick Menu" option for G Suite and consumer uses on Tuesday, but if you don't see it at present, give it a few days. With more than two billion users, it's going to take several days for Google to complete the rollout.

Google had this to say about the recent change:

"We're making these options easier to find, and letting you explore them in real time, so your actual inbox will update immediately to show you exactly what the setting will do. We hope this makes it easier to set up Gmail the way that works best for you."

It's a small point, but it's worth mentioning that the new menu option is enabled for all users by default, and there is no admin control option for it.

In any case, it's well worth experimenting with as you may find a layout that allows you to work more efficiently. Honestly, we love the new feature and we think you will too. Give the various options available a try, and kudos to Google for continuing to improve the user experience.

]]>https://www.computernetworksinc.com/2020/06/02/gmail-gets-new-quick-menu-setting-in-update/feed/0Three Tips To Communicate Effectively with Remote Workershttps://www.computernetworksinc.com/2020/06/01/three-tips-to-communicate-effectively-with-remote-workers/
https://www.computernetworksinc.com/2020/06/01/three-tips-to-communicate-effectively-with-remote-workers/#respondMon, 01 Jun 2020 16:16:33 +0000https://computernetworks.axionthemes.com/2020/06/01/three-tips-to-communicate-effectively-with-remote-workers/ With so many people working from home these days, there’s a very real concern that in the absence of regular face to face communication, signals will get crossed. In this video, we’ll outline three simple strategies ...]]>

With so many people working from home these days, there’s a very real concern that in the absence of regular face to face communication, signals will get crossed. In this video, we’ll outline three simple strategies you can adopt to make sure that doesn’t happen, coming up next…

If you’re used to a more structured workday that involves going into the office and having face to face communications, you may find yourself frustrated by the fact that your emails and other messages are being misinterpreted. To minimize that, here are three simple and effective things you can do to communicate effectively with your remote workers:

Number 1: Clear Concise Messaging

The first rule of remote communications is to keep it simple. If you’re not in the habit of doing that, get in the habit of expressing a single point or idea in each message you send so there’s no way the point can be lost or misunderstood.

Number 2: Set Expectations

One thing that many people overlook is the importance of setting expectations any time your work environment changes. Many organizations are going through a big change so it’s a good idea to take a moment to regroup and reset expectations until everyone has time to adjust.

Number 3: Call or Video Conference

The written word is fantastic but sometimes nuance can get lost in an email. If you’re worried about that happening, there’s an easy fix. Pick up the phone, or use FaceTime, Skype, or another video-based communication service. Being able to see and hear the person you’re talking with will not only help ensure clearer communications, but it’ll also go a long way toward making you feel less isolated if you’re working from home.

Put these three tips into practice, starting today, and the quality and clarity of your communications will see a dramatic improvement.

If you have questions about how our team can help you manage your I.T. infrastructure, please, give us a call, we’d be glad to help.

Computer Networks Inc
757-333-3299 x200
www.computernetworksinc.com

]]>https://www.computernetworksinc.com/2020/06/01/three-tips-to-communicate-effectively-with-remote-workers/feed/0Wishbone App Database Leaked To Public By Hackerhttps://www.computernetworksinc.com/2020/06/01/wishbone-app-database-leaked-to-public-by-hacker/
https://www.computernetworksinc.com/2020/06/01/wishbone-app-database-leaked-to-public-by-hacker/#respondMon, 01 Jun 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/06/01/wishbone-app-database-leaked-to-public-by-hacker/The hacking group calling themselves 'The Shiny Hunters' has been busy. Recently, they put databases containing user records from eleven different companies up for sale on the Dark Web, including a massive ...]]>The hacking group calling themselves 'The Shiny Hunters' has been busy.

Recently, they put databases containing user records from eleven different companies up for sale on the Dark Web, including a massive database containing some 40 million records belonging to the popular Wishbone app.

Wishbone is a social media platform that's especially popular among children. It allows users to compare two items by way of a simple poll. The database was initially being offered for 0.85 bitcoin, which is, at the time this article was written, worth approximately $8,000.

Only days after the database was originally offered for sale, it appeared elsewhere on the Dark Web in its entirety, for free. The information it contains includes usernames, email addresses, phone numbers, geo-location data, hashed passwords, and profile data, including links to uploaded user photos. That's bad news indeed for any parent, because again, this app is especially popular among children.

A closer inspection of the records the database contains reveals that the hashed passwords are only weakly encrypted, using MD5, which can easily be broken using freely available tools, putting every one of the 40 million users identified in the database at risk.

If you're not sure if your child has downloaded Wishbone, it pays to double check immediately. Be sure to change the password on any account you or your children may have associated with the account.

For the company's part, a notice recently went up on the Wishbone website that read: "Protecting data is of the utmost importance. We are investigating this matter and will share any significant developments."

Unfortunately, the most significant development is that some 40 million of the app's users are now at risk. Don't take any chances. If you or your kids use this app, change your password immediately and be on the alert for phishing emails sent to any email address referenced in your Wishbone profile.

]]>https://www.computernetworksinc.com/2020/06/01/wishbone-app-database-leaked-to-public-by-hacker/feed/0New Data Breach Affected Some Bank Of America Loan Applicantshttps://www.computernetworksinc.com/2020/05/30/new-data-breach-affected-some-bank-of-america-loan-applicants/
https://www.computernetworksinc.com/2020/05/30/new-data-breach-affected-some-bank-of-america-loan-applicants/#respondSat, 30 May 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/05/30/new-data-breach-affected-some-bank-of-america-loan-applicants/If you're like many business owners, you may have recently applied for a loan through the Paycheck Protection Program (PPP) which was one of the COVID-19 relief funds established by the Federal ...]]>If you're like many business owners, you may have recently applied for a loan through the Paycheck Protection Program (PPP) which was one of the COVID-19 relief funds established by the Federal government in response to the global pandemic.

If you applied for that loan through Bank of America, be advised that the company recently disclosed a security incident that impacted its online platform for processing those loan requests. The company says that it is possible that other lenders or organizations may have temporarily had access to significant portions of your application data.

The breached data included, but was not limited to:

Your business' name and physical address

Designated company contact officials

Your firm's Tax Identification Number

The name of the company owner

The Social Security Number of the company owner, as well as the owner's email address, phone number and citizenship

Based on the initial findings of an investigation into the matter, Bank of America says that an SBA test server was at the root of the problem.

Per a company spokesman, "...this platform was designed to allow authorized lenders to test the process for submitting PPP applications to the SBA prior to the actual submission process."

The company's official words on the matter makes the issue seem rather insignificant, but there's more. Some business owners have reported that when they logged back into the system to check the status of their loan application, they could see the details of other loan applicants in their dashboard. That means that potentially, many more people than just 'authorized lenders' may have seen the details of your loan application.

The investigation is still ongoing, and so far, Bank of America has declined to comment on the growing number of reports described above, or offered any additional information. If you submitted your application to the PPP loan program by way of Bank of America, just be advised that for a brief period of time, others may have gained access to your application details, and that the problem that caused it has now been solved.

]]>https://www.computernetworksinc.com/2020/05/30/new-data-breach-affected-some-bank-of-america-loan-applicants/feed/0Microsoft Phasing Out 32Bit Windows 10 Support Starting With OEMshttps://www.computernetworksinc.com/2020/05/29/microsoft-phasing-out-32bit-windows-10-support-starting-with-oems/
https://www.computernetworksinc.com/2020/05/29/microsoft-phasing-out-32bit-windows-10-support-starting-with-oems/#respondFri, 29 May 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/05/29/microsoft-phasing-out-32bit-windows-10-support-starting-with-oems/Be advised that Microsoft has announced it will begin phasing out support of the 32-bit version of Windows 10, beginning with OEM's. The change is effective as of the May 2020 release. ...]]>Be advised that Microsoft has announced it will begin phasing out support of the 32-bit version of Windows 10, beginning with OEM's.

The change is effective as of the May 2020 release.

Microsoft had this to say about the recent change:

"Beginning with Windows 10, version 2004, all new Windows 10 systems will be required to use 64-bit builds for OEM distribution. This does not impact 32-bit customer systems that are manufactured with earlier versions of Windows 10; Microsoft remains committed to providing feature and security updates on these devices, including continued 32-bit media availability on non-OEM channels to support various upgrade installation scenarios."

The long and the short of this change is that it sounds far worse than it is. The simple truth is that this change is only slated to impact about 0.20 percent of the massive Windows 10 installed base. The vast majority of Windows 10 installations already use the 64-bit version of the OS. Even so, if you are one of the few users relying on the 32-bit version, be aware that this is the first of several steps that will gradually see Microsoft backing away from 32-bit entirely.

Overall, most industry experts agree that this is a good move. With such a tiny user base, systematically eliminating 32-bit support eliminates a broad range of potential issues and development conflicts that could arise as a consequence of supporting both architectures.

Bottom line: It streamlines and simplifies everyone's life, which means that Microsoft, and every company that develops Windows-compatible software will have one less thing to worry about. Kudos to Microsoft for making the decision, and if you are one of the handful of 32-bit users, just be aware that you're going to need to upgrade sooner, rather than later.

]]>https://www.computernetworksinc.com/2020/05/29/microsoft-phasing-out-32bit-windows-10-support-starting-with-oems/feed/0Home Chef Company Data Breach Affected 8 Million Customershttps://www.computernetworksinc.com/2020/05/28/home-chef-company-data-breach-affected-8-million-customers/
https://www.computernetworksinc.com/2020/05/28/home-chef-company-data-breach-affected-8-million-customers/#respondThu, 28 May 2020 15:00:00 +0000https://www.computernetworksinc.com/2020/05/28/home-chef-company-data-breach-affected-8-million-customers/Are you a Home Chef customer? If so, be advised that the company recently announced a data breach. It was discovered after the hackers who broke in sold more than 8 million ...]]>Are you a Home Chef customer? If so, be advised that the company recently announced a data breach.

It was discovered after the hackers who broke in sold more than 8 million user records on the Dark Web.

The group, calling themselves "The Shiny Hunters" has been busy of late.

They've been selling databases containing records stolen from a total of eleven different companies, with prices ranging from $500 to $2500 per database.

Home Chef was made aware that the database containing their customers' information was available for sale nearly two weeks ago. However, the company waited an inordinate amount of time before coming forward and publicly announcing the breach, a delay which has cost them in the eyes of their customers.

Part of the company's notice on their website reads, in part, as follows:

"Protection of customer data is a top priority for Home Chef and we work hard to safeguard our customers' information. We recently learned of a data security incident impacting select customer information."

The FAQ accompanying the notification goes on to outline that the stolen data includes the following information. It included the customer names, email addresses, phone numbers, the last four digits of any credit card numbers on file, encrypted passwords, and a variety of other general profile information.

Home Chef stressed that only the last four digits of a customer's card was accessed, and reiterated that they don't store complete payment information in their databases.

That's all well and good, but the company is finding it hard to convincingly sell the idea that protection of customer data is a top priority. After all, they waited two weeks to inform their customers that their information was for sale on the Dark Web. That is why, despite the fact that this breach is relatively small compared to others we've seen over the past twelve months, the company is taking flak for it.

In any event, if you're a Home Chef customer, be sure to head to their website and see if yours was one of the accounts accessed. Even if it wasn't, the prudent course of action would be to change your password at the very least.